Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
Header And Logo
|
Site Navigation
Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres
- From: "Douglas McNaught" <doug(at)mcnaught(dot)org>
- To: "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>
- Cc: "sanjay sharma" <sanksh(at)hotmail(dot)com>, pgsql-hackers(at)postgresql(dot)org
- Subject: Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres
- Date: Sun, 30 Mar 2008 17:37:43 -0400
- Message-id: <5ded07e00803301437n28abb52ay38ad5cf1653bd726@mail.gmail.com> <text/plain>
On Sun, Mar 30, 2008 at 4:36 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote: > sanjay sharma <sanksh(at)hotmail(dot)com> writes: > > 1. Transparent Data Encryption: The column which needs to be stored in encrypted form can be specified through DDL. The encryption key can be stored in a secure file accessible through a pass phrase. That particular column would apper in encrypted form for all users except the users specified through a grant to see the data in decrypted form. > > Exactly what threat do you see this protecting against, that wouldn't be > better solved by SQL-standard features like column-level access > permissions? Yes. And if you're concerned about people getting access to the raw data files, put $PGDATA on an encrypted partition. -Doug
- References:
- Prev by Date: Re: [GENERAL] Connection to PostgreSQL Using Certificate: Wrong Permissions on Private Key File
- Next by Date: Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres
- Previous by thread: Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres
- Next by thread: Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres
- Indexes: